Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sunny007
New Contributor

Fortimail DLP

Hi Guys,

 

I'd want to have some details specific on Fortimail DLP works, I basically know that Fortimail prevent sensitive data from leaving your network. You can define sensitive data patterns(only regex?), you can take actions against the email containing data matching these patterns. You configure the DLP system by creating individual rules based on document fingerprinting (how it works) , file filters according to policy.

 

Also for example if someone send a picture of a credit card will the DLP be able to block.  Please let me know the details

2 REPLIES 2
Carl_Windsor_FTNT

FortiMail DLP works in different ways for different features/detection methods but is not only Regex based:

 

Profile > Dictionary

This is outside the DLP Menu but allows you to perform keyword and Regex detection.  Some compliance dictionaries are available e.g. for SOX, GLBA and HIPAA etc and you can make use of smart identifiers to locate Social Security, Credit Card and Healthcare numbers etc.

 

Date Loss Prevention > Sensitive Data > Fingerprint

Manual upload of files to be detected traversing the FortiMail.  We create fuzzy checksums for the file which allow the file format to be changed e.g. Office to text and the file split up whilst still being able to detect the content.

 

Date Loss Prevention > Sensitive Data > Fingerprint Source

Similar to the above but rather than manually uploading the file, a Windows Fileshare is monitored and anything added, automatically added to the fingerprint list.

 

Date Loss Prevention > Sensitive Data > Standard Compliance

Detection for credit card, SSN, HIPAA, Healtchare, Driving License data for use in  Date Loss Prevention > Rule & Profile > Rule

 

Date Loss Prevention > Rule & Profile > Rule / Profile

You can create complex DLP filtering with combinations of regex, sensitive data, boolean matching using these two options.

 

>Also for example if someone send a picture of a credit card will the DLP be able to block. 

 

No, however, as part of our Image Content Analysis feature we will be looking to introduce this capability in a future release.

Dr. Carl Windsor Field Chief Technology Officer Fortinet

sunny007

Hi Carl,

This explanation makes perfect sense, and answers all my queries.

 

Thanks you

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors